Sla.ckers.org
Ever wanted to work as a "chief hacker" "security evangelist"? This is a place to post jobs or ask for work. Over time as I hear about job offers, we can consolidate them into this board. 

Current Page: 1 of 7
Results 1 - 30 of 202
2 years ago
nEUrOO
Yeah, you cannot go out of the webdir; this is a redirect (so, it will be a 302). If you're lucky w/ an old version of Java, try different vulns here (response splitting, header inj., etc.)
Forum: SQL and Code Injection
4 years ago
nEUrOO
Well, if you wanna play with those low-level findings tools, you could look at the http://samate.nist.gov/SRD test cases... Just be aware that those do not represent real applications, it's too synthetic. Otherwise, go to CVE, pick a project, not too big, with lots of vulns, and run the tools on it... you can then correlate results from tools (weaknesses) with vulns.
Forum: Projects
4 years ago
nEUrOO
Folks, Cigital (www.cigital.com) is looking to hire a few pen-testers in NoVa, NYC or west coast. If interested send me a mail. We are looking for motivated people, it's best if you have experience in the field, but the most important thing is to show interest. Even if the positions are mostly for web pen-testers, you might be doing many different things. In fact, I've done online games (MMORPG, et
Forum: Jobs
4 years ago
nEUrOO
go and read about web apps scanners (you can start with this http://projects.webappsec.org/Web-Application-Security-Scanner-Evaluation-Criteria) and source code/byte-code scanners, then you'll be able to ask intelligible questions
Forum: Projects
4 years ago
nEUrOO
you should... be proud of being a "Certified Information Systems Security Professional". You should even tattoo the sign "CISSP" somewhere IMO ;)
Forum: News and Links
4 years ago
nEUrOO
thought you also promised hookers...
Forum: News and Links
4 years ago
nEUrOO
not to the conf. but for beers after, am mostly available :)
Forum: News and Links
4 years ago
nEUrOO
how do they block this data? __Setter__ overloaded? server-side check?
Forum: XSS Info
5 years ago
nEUrOO
i don't want to see thornmaker dancing almost naked in the street with his CISSP certif folded in fig leaf... O_o
Forum: XSS Info
5 years ago
nEUrOO
@thornmaker yeah, add "Thornmaker, CISSP" in your signature :} -- be proud! it's okay you know...
Forum: XSS Info
5 years ago
nEUrOO
sirdarckcat Wrote:
> the cheatsheet would still be used by.. well.. CISSPs, and tra.ckers by us :)
I don't wanna spoil anything, but thornmaker is CISSP'd :P
Forum: XSS Info
5 years ago
nEUrOO
Well, his main filter isn't bad at all; a-zA-Z0-9:%-_ leaves few places for injection. I would remove the : and % and claim you're almost okay, as long as you also do that on the headers and that the encoding is checked; then, the weak filters are useless...
Forum: XSS Info
5 years ago
nEUrOO
expres/**/sion also?
Forum: XSS Info
5 years ago
nEUrOO
Not sure I get what you're saying here... But GIFARs are when ppl are able to upload a file to your server (basically, a GIF that will be interpreted as a JAR applet later on, when rendered by the browser). Is this your case? If so, why IP restriction? Am I missing something?
Forum: CSRF and Session Info
5 years ago
nEUrOO
If you want a benchmark for your crawler: http://code.google.com/p/wivet/ And based on the results, that's why I told you that w3af could be a good open-source choice
Forum: Projects
5 years ago
nEUrOO
afaik, this will only work if your script is executed from the file system and not from a remote site -- otherwise, you'll be blocked by the Same Origin Policy. on the local file system, only webkit based (chrome, safari) and opera will allow you to do something like: xhr.open('GET', 'file://C:/win.ini', false); maybe some old versions of firefox & IE too, but not the last ones
Forum: XSS Info
5 years ago
nEUrOO
i hope that a "sr. security engineer" must have more than a "basic experience" in "xss and sql injection." you can do better :)
Forum: Jobs
5 years ago
nEUrOO
i think i remember that webgoat needs to be installed in C:/webgoatit-5.2 because of some predefined/hardcoded environment paths. otherwise, grep for the path in different files and see if there are hardcoded paths
Forum: Projects
5 years ago
nEUrOO
it's quite tough to create a good crawler, many client-side technologies to parse (at least, JS & Flash for the common ones). I understand that you want something very basic, then Reiners' might work well. Anyhow, w3af has a good crawler (for an open-source product), so you might want to take a look at it -- and btw, it's already a web apps scanner framework, so you could use it to develop you
Forum: Projects
5 years ago
nEUrOO
redirection service xss: hxxp://ow.ly enter URL like: http://foobar.com_unique/"><script>alert(/pwn/)</script>
Forum: Full Disclosure
5 years ago
nEUrOO
hxxp://www.makeet.com/fr/recherche/<script>alert(/pwn/);</script>/index_1.html?filter=recents
Forum: Full Disclosure
5 years ago
nEUrOO
What do you mean you "have"? Your website's HTML uses these markups, or you can inject in these parts? Not sure I understand your request...
Forum: XSS Info
5 years ago
nEUrOO
@Fugitif: very funny, especially since... http://audited.netcraft.com/web-application :)
Forum: Full Disclosure
5 years ago
nEUrOO
I believe this is too high level for developers. If your target is security guys that want to learn what to teach about secure dev principles, I think it's okay. For a developer, I would rather use extensive examples (this is how ppl develop nowadays), talk about frameworks, etc. If you say "output encoding" they will say WTF is that? Will they do it right? I'm sure that most devs won
Forum: Projects
5 years ago
nEUrOO
content-type is guessed by IE based on content (if "X-Content-Type-Options: nosniff" is not set), but the download part should prevent the automatic execution in the domain at least... Might be some scenario where the user has automatic opening / content-disposition not going through / etc. but these are border cases...
Forum: XSS Info
5 years ago
nEUrOO
yeah, that's what I think too, but anyway, it's not impossible to do it with the free version...
Forum: XSS Info
5 years ago
nEUrOO
Yeah, there is obviously a marketing/business choice behind that too... which I believe is not a good one.
Forum: XSS Info
5 years ago
nEUrOO
This explains a bit why: https://twitter.com/RafalLos/status/1575901429
Forum: XSS Info
5 years ago
nEUrOO
I was looking at the checks they have... (have to inspect the HP.AppSec.Flash.Analyzer.dll file). It's a real pity they didn't open this part (signed .NET apps/resource), it would have been great to be able to extend the checks; even though they seem to be regexp/boolean-expr, it's really possible to do WAY better than what they have right now...
Forum: XSS Info
5 years ago
nEUrOO
Yeah, the analysis capabilities are really limited as far as I can tell... but as gareth said, the decompiler is great. I'm pretty sure they're working on the analysis part so we should see something better coming up...
Forum: XSS Info